chiesigroup.com
Issued by R3
About this certificate
This digital certificate with serial number 03:3c:8c:36:14:15:7b:b9:e0:66:47:80:4d:82:c8:e0:55:53 was issued on by Let's Encrypt.
With 2 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.
We have idenified some issues with this certificate:
- Subscriber Certificate: commonName is deprecated. (BRs: 7.1.4.2.2)
Certificate Subject
CN=chiesigroup.com
Let's Encrypt
Organization:
Let's Encrypt
Country:
US
This certificate has expire since
Certificate Details
Serial Number (hex): 03:3c:8c:36:14:15:7b:b9:e0:66:47:80:4d:82:c8:e0:55:53Serial Number (int): 281940172521327571703587074568521747813715
Serial Number lenght: 138 bits, 18 octets
SubjectKeyId: 58:6a:03:c3:9c:88:1b:8b:ef:0e:8b:b7:6a:d1:88:26:25:cc:ed:7e
AuthorityKeyId: 14:2e:b3:17:b7:58:56:cb:ae:50:09:40:e6:1f:af:9d:8b:14:c2:c6
Fingerprint (sha1): c9:d5:c6:61:e4:e2:4a:eb:67:0a:30:e9:19:9e:f3:69:a9:a0:a4:c5
Fingerprint (sha256): 82:4b:ac:f5:2b:a1:5f:94:0a:05:c0:6f:82:de:57:02:0e:53:28:f9:39:9f:08:58:ff:66:28:00:9e:48:85:16
Issuing Certificate URL: http://r3.i.lencr.org/
Revocation information
OCSP Server: http://r3.o.lencr.orgCheck the revocation status for certificate chiesigroup.com
2
DNS Names
0
Email Addresses
0
IP Addresses
Advanced Certificate Properties
Tehnical certificate details for chiesigroup.com
Public Key Algorithm
RSA
Key Size
2048
Signature Algorithm
SHA256 with RSA
Key Usage
Digital Signature
Key Encipherment
Extended Key Usages
Server Authentication
Client Authentication
Extensions
9 extensions
No
unhandled critical extensions
CA Certificate
This is not a CA certificate
Subject Alternative Names
chiesigroup.com
www.chiesigroup.com
www.chiesigroup.com
Other certificates including the domain name chiesigroup.com
(limited to 100 certificates)
itpool.chiesigroup.com
extranet.chiesi.com
chiesisg.chiesigroup.com
chiesisg.chiesigroup.com
MAIL.chiesi.com
mail.chiesigroup.com
sip.chiesigroup.com
webconf.chiesigroup.com
itpool.chiesigroup.com
itpool.chiesi.com
wifi.chiesigroup.com
sip.chiesi.com
MAIL.chiesi.com
extranet.chiesi.com
extranet.chiesigroup.com
cag.chiesigroup.com
cag.chiesigroup.com
chvpn.chiesigroup.com
wifi.chiesigroup.com
itpool.chiesi.com
itpool.chiesi.com
pem.chiesigroup.com
cargobay.chiesi.com
mail.chiesi.com
extranet.chiesigroup.com
wifi.chiesigroup.com
chiesigroup.com
cargobay.chiesi.com
wifi.chiesigroup.com
chiesicrm.chiesigroup.com
chiesigroup.com
chiesisg.chiesigroup.com
sip.chiesi.com
itpool.chiesi.com
cag.chiesigroup.com
mail.chiesi.com
sip.chiesigroup.com
chiesigroup.com
sip.chiesigroup.com
extranet.chiesi.com
chvpn.chiesigroup.com
pem.chiesigroup.com
chiesigroup.com
sip.chiesigroup.com
pem.chiesigroup.com
chiesicrm.chiesigroup.com
www.chiesigroup.com
ngs.chiesigroup.com
pem.chiesigroup.com
MAIL.chiesi.com
cargobay.chiesi.com
sip.chiesigroup.com
MAIL.chiesi.com
cag.chiesigroup.com
cargobay.chiesigroup.com
sip.chiesigroup.com
itpool.chiesigroup.com
extranet.chiesi.com
pem.chiesigroup.com
chiesicrm.chiesigroup.com
chiesisg.chiesigroup.com
chiesigroup.com
extranet.chiesigroup.com
chiesigroup.com
attp.chiesi.com
chiesigroup.com
webconf.chiesigroup.com
chiesicrm.chiesigroup.com
itpool.chiesigroup.com
chiesigroup.com
ngs.chiesigroup.com
chiesigroup.com
sip.chiesi.com
sharefile.chiesi.com
chiesigroup.com
extranet.chiesi.com
chiesisg.chiesigroup.com
chiesisg.chiesigroup.com
MAIL.chiesi.com
mail.chiesigroup.com
sip.chiesigroup.com
webconf.chiesigroup.com
itpool.chiesigroup.com
itpool.chiesi.com
wifi.chiesigroup.com
sip.chiesi.com
MAIL.chiesi.com
extranet.chiesi.com
extranet.chiesigroup.com
cag.chiesigroup.com
cag.chiesigroup.com
chvpn.chiesigroup.com
wifi.chiesigroup.com
itpool.chiesi.com
itpool.chiesi.com
pem.chiesigroup.com
cargobay.chiesi.com
mail.chiesi.com
extranet.chiesigroup.com
wifi.chiesigroup.com
chiesigroup.com
cargobay.chiesi.com
wifi.chiesigroup.com
chiesicrm.chiesigroup.com
chiesigroup.com
chiesisg.chiesigroup.com
sip.chiesi.com
itpool.chiesi.com
cag.chiesigroup.com
mail.chiesi.com
sip.chiesigroup.com
chiesigroup.com
sip.chiesigroup.com
extranet.chiesi.com
chvpn.chiesigroup.com
pem.chiesigroup.com
chiesigroup.com
sip.chiesigroup.com
pem.chiesigroup.com
chiesicrm.chiesigroup.com
www.chiesigroup.com
ngs.chiesigroup.com
pem.chiesigroup.com
MAIL.chiesi.com
cargobay.chiesi.com
sip.chiesigroup.com
MAIL.chiesi.com
cag.chiesigroup.com
cargobay.chiesigroup.com
sip.chiesigroup.com
itpool.chiesigroup.com
extranet.chiesi.com
pem.chiesigroup.com
chiesicrm.chiesigroup.com
chiesisg.chiesigroup.com
chiesigroup.com
extranet.chiesigroup.com
chiesigroup.com
attp.chiesi.com
chiesigroup.com
webconf.chiesigroup.com
chiesicrm.chiesigroup.com
itpool.chiesigroup.com
chiesigroup.com
ngs.chiesigroup.com
chiesigroup.com
sip.chiesi.com
sharefile.chiesi.com
chiesigroup.com
Certificate
The complete raw certificate details for chiesigroup.com in PEM and ASN.1 format.
Certificate (PEM)
-----BEGIN CERTIFICATE----- MIIFOjCCBCKgAwIBAgISAzyMNhQVe7ngZkeATYLI4FVTMA0GCSqGSIb3DQEBCwUA MDIxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1MZXQncyBFbmNyeXB0MQswCQYDVQQD EwJSMzAeFw0yMjExMDUxNDMzMjRaFw0yMzAyMDMxNDMzMjNaMBoxGDAWBgNVBAMT D2NoaWVzaWdyb3VwLmNvbTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEB ALhSvyxA3HdgWVDwa5eFfUyJIlQaLas6SqW8tldZzy4vwGhN/3PspbYdjSIRzofT HR5JCoxFEr8CIO8Kr4Ha5aBJrMJ1OliRKDFFIkiwvfilDUhPRSpx3wpAbRc2UC1i sz6ZzPBA7VTtIu66wuunmIQlYn1fQr2QEje1vqZKURok4M+24SbKj5YvOBDzd3A/ uObTgFzSItm+mJ5qopVjqip/ubyox78CoMMao+AWLU7PsXWjAm7UJls5GrgUg5Q5 a5vj4XdQH9YZ6noHL9kwk04EfwaipTXTvtnwTzU784elKEmmlLPmmLC5KDTD65Oq laYZ4EkF21nA92c7gby9F6kCAwEAAaOCAmAwggJcMA4GA1UdDwEB/wQEAwIFoDAd BgNVHSUEFjAUBggrBgEFBQcDAQYIKwYBBQUHAwIwDAYDVR0TAQH/BAIwADAdBgNV HQ4EFgQUWGoDw5yIG4vvDou3atGIJiXM7X4wHwYDVR0jBBgwFoAUFC6zF7dYVsuu UAlA5h+vnYsUwsYwVQYIKwYBBQUHAQEESTBHMCEGCCsGAQUFBzABhhVodHRwOi8v cjMuby5sZW5jci5vcmcwIgYIKwYBBQUHMAKGFmh0dHA6Ly9yMy5pLmxlbmNyLm9y Zy8wLwYDVR0RBCgwJoIPY2hpZXNpZ3JvdXAuY29tghN3d3cuY2hpZXNpZ3JvdXAu Y29tMEwGA1UdIARFMEMwCAYGZ4EMAQIBMDcGCysGAQQBgt8TAQEBMCgwJgYIKwYB BQUHAgEWGmh0dHA6Ly9jcHMubGV0c2VuY3J5cHQub3JnMIIBBQYKKwYBBAHWeQIE AgSB9gSB8wDxAHcAtz77JN+cTbp18jnFulj0bF38Qs96nzXEnh0JgSXttJkAAAGE SGzc7wAABAMASDBGAiEA6sgZzEFQt7IxzEoP8OsFEda4KLIV1k74zKopM9HBhz8C IQDhK7msWHKADculvmCw0K33smw/2ebxaaJzVfPQPf5YFQB2AHoyjFTYty22IOo4 4FIe6YQWcDIThU070ivBOlejUutSAAABhEhs3QoAAAQDAEcwRQIgdPU9DIepZYjr kbBUfkL0SgYpPq2EhTI8qDmjGTP7/sgCIQCOsasu8vtTSTeTzwJsdUDGNoEI2eRc RcB+ybnlShXD9TANBgkqhkiG9w0BAQsFAAOCAQEANL8c6PNnD8RnnZ8chakf2G61 rHfE3QkAxpJQ0TaC1E7ROXRtFRaIKRMqFODf9cAKtbuXxfP4wBrYicH7uR1T9T4q mx3RgE6zcUDN5avr8+8Y+P3vgJMmWxqZDfMCGDNWPV2C7ro8ig1AoEQ4aq6RA56H dSeh2Ok8IHLuNWuvSutqlCRAOl2rNlAgL0GXtx6Rv2WWUSUOV5KcVl/1AFx8mugS 1131xgdDTB66aDsknUjMu8HwH/avDsM1/cFqTGMX8n8ckfiSpscVTvk+ugHYKklH q40CI8POFBssk3WfsBhy3uZeTnjYWwr7ttFwygkTqdc+CDaM3qh7psXCgVNrNA== -----END CERTIFICATE-----
Public Key (PEM)
-----BEGIN PUBLIC KEY----- MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuFK/LEDcd2BZUPBrl4V9 TIkiVBotqzpKpby2V1nPLi/AaE3/c+ylth2NIhHOh9MdHkkKjEUSvwIg7wqvgdrl oEmswnU6WJEoMUUiSLC9+KUNSE9FKnHfCkBtFzZQLWKzPpnM8EDtVO0i7rrC66eY hCVifV9CvZASN7W+pkpRGiTgz7bhJsqPli84EPN3cD+45tOAXNIi2b6YnmqilWOq Kn+5vKjHvwKgwxqj4BYtTs+xdaMCbtQmWzkauBSDlDlrm+Phd1Af1hnqegcv2TCT TgR/BqKlNdO+2fBPNTvzh6UoSaaUs+aYsLkoNMPrk6qVphngSQXbWcD3ZzuBvL0X qQIDAQAB -----END PUBLIC KEY-----
ASN.1 decoded
[c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2 . . . . . . . . [c:0|t:2|false] INTEGER 281940172521327571703587074568521747813715 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Let's Encrypt' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'R3' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2022-11-05 14:33:24 +0000 UTC . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2023-02-03 14:33:23 +0000 UTC . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'chiesigroup.com' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption) . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 23268652066334180340606546938043712720518040967787165799026096268894451265947299768818662961086700330249538541431187845496334759236801070650197015807661187187573884865369745965479448655375392027463285154594015259859777286616771163746139133747356935338297087620950539021179582174861912260396233323030523945384844251314902683456569507248325178504389649307349709275957233502213065842331761781618176739076404352428501223758413528899780524913014879712567233481312322887269723687837960758993345307307827768814163819001216650488752510950088199037270775829919578139439834530930588104427682355744347712428424491591537304344489 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537 . . . . . . . . [c:2|t:3|true] ORAddress . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits) 05a0 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes) 586a03c39c881b8bef0e8bb76ad1882625cced7e . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 142eb317b75856cbae500940e61faf9d8b14c2c6 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (73 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://r3.o.lencr.org' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://r3.i.lencr.org/' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (40 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'chiesigroup.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.chiesigroup.com' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (69 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1 (Domain Validation Certificates Policy) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.44947.1.1.1 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'http://cps.letsencrypt.org' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (246 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (243 bytes) 00f1007700b73efb24df9c4dba75f239c5ba58f46c5dfc42cf7a9f35c49e1d098125edb49900000184486cdcef0000040300483046022100eac819cc4150b7b231cc4a0ff0eb0511d6b828b215d64ef8ccaa2933d1c1873f022100e12bb9ac5872800dcba5be60b0d0adf7b26c3fd9e6f169a27355f3d03dfe58150076007a328c54d8b72db620ea38e0521ee98416703213854d3bd22bc13a57a352eb5200000184486cdd0a0000040300473045022074f53d0c87a96588eb91b0547e42f44a06293ead8485323ca839a31933fbfec80221008eb1ab2ef2fb53493793cf026c7540c6368108d9e45c45c07ec9b9e54a15c3f5 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:3|false] BIT STRING (2048 bits) 0034bf1ce8f3670fc4679d9f1c85a91fd86eb5ac77c4dd0900c69250d13682d44ed139746d15168829132a14e0dff5c00ab5bb97c5f3f8c01ad889c1fbb91d53f53e2a9b1dd1804eb37140cde5abebf3ef18f8fdef8093265b1a990df3021833563d5d82eeba3c8a0d40a044386aae91039e877527a1d8e93c2072ee356baf4aeb6a9424403a5dab3650202f4197b71e91bf659651250e57929c565ff5005c7c9ae812d75df5c607434c1eba683b249d48ccbbc1f01ff6af0ec335fdc16a4c6317f27f1c91f892a6c7154ef93eba01d82a4947ab8d0223c3ce141b2c93759fb01872dee65e4e78d85b0afbb6d170ca0913a9d73e08368cdea87ba6c5c281536b34